-
-
Notifications
You must be signed in to change notification settings - Fork 0
Home.en
Marcel edited this page Jul 9, 2026
·
2 revisions
Deutsch | English
HumanShield.APP is a self-hosted open-core platform for phishing awareness: plan, send and evaluate simulated phishing campaigns to make employees' resilience against social engineering measurable.
This wiki is the official documentation and is kept aligned with the current development status.
- Campaigns planning and sending, with scheduling
-
Templates for phishing emails (HTML or Markdown editor, personalization variables,
.emlimport including attachments) - Recipient groups via manual entry, CSV or LDAP
- Landing pages as the click target (HTML/Markdown, optional form capture)
- Tracking: opens, clicks and form submissions — with evaluation per recipient
- Sending profiles (SMTP per sender identity) plus a global fallback SMTP
- User management with roles, local login and optional OIDC SSO
- Two-factor authentication (authenticator app or email code, enforceable, backup codes)
- Audit log of sign-ins and system changes
- Light/dark mode, modern dashboard
-
Vendor-neutral & self-hosted: Runs at any operator; all environment-specific values (domain, IdP, SMTP) come from
.env/config — nothing is hard-wired in the code. - Security: Runtime credentials encrypted at rest (Fernet), passwords with Argon2id, hardened containers.
- Installation — start the stack via Docker Compose
- Configuration — login, OIDC, LDAP, SMTP, 2FA
- Features — templates, groups, campaigns, tracking …
- Architecture — technical structure
- Roadmap — planned extensions
HumanShield.APP is an independent open-core project; the core is licensed under the Mozilla Public License 2.0 (MPL-2.0). The commercial add-ons are separate and proprietary.
Deutsch
- Home
- Installation
- Konfiguration
- Funktionen
- Architektur
- Sicherheit
- NIS2 und BSI
- FAQ
- Fehlerbehebung
- Roadmap
English